[Salt Lake City] – Ostrich Cyber-Risk (Ostrich), a pioneer and prestigious provider of cyber-risk management solutions, is excited to announce a partnership with Kyndryl, the world's largest IT infrastructure services provider.

John Feezell, Director of Risk Advisory Services for Kyndryl, commented, "This partnership supports our commitment to providing world-class, standards-based cyber risk quantification (CRQ) services. The combination of Ostrich's innovative technologies and Kyndryl's deep heritage in consulting, can enable well-informed decisions around Zero Trust journeys, materiality discussions, return on controls investment, etc”.

Greg Spicer, Co-Founder of Ostrich Cyber-Risk, expressed his optimism for the partnership, stating, “Our collaboration with Kyndryl represents a synergy of strengths that will undoubtedly benefit our clients. Together, we are poised to set new standards in cyber risk management. Kyndryl’s expertise around risk quantification coupled with our Birdseye™ Cyber Risk Management application will give clients insight into the financial impact of cyber risks facing their organization and a sustainable action plan towards remediating and lowering those risks”.

Ostrich Cyber-Risk and Kyndryl will leverage this partnership to integrate Ostrich's advanced cyber-risk management application, Birdseye™, into Kyndryl's Cyber Risk Quantification services. By doing so, they aim to provide clients with holistic solutions that place defensible, risk-based decision-making front and center.

For more information about Kyndryl's cyber resilience services, please visit https://www.kyndryl.com/ca/en/services/cyber-resilience.

About Ostrich Cyber-Risk

A recognized leader in cyber-risk management, Ostrich empowers risk and security teams to proactively assess cyber risk exposure in financial terms. Our Birdseye™ Cyber Risk Management application, grounded in industry benchmarks like NIST CSF, ISO, MITRE, and CRI, is a risk-based cybersecurity program management application that helps users determine their biggest cyber risks and which controls most efficiently reduce those risks through qualitative risk analysis and quantitative scenario simulation through the Open FAIR™ ontology. This unique approach enables organizations to swiftly prioritize and quantify financial and operational risks in real-time to make informed business decisions on cybersecurity. Learn more at www.ostrichcyber-risk.com.

SALT LAKE CITY, — Ostrich Cyber-Risk, a leading cyber risk management company, proudly announces its ongoing partnership with the FAIR Institute as an Institute Sponsor for the year 2024. This strategic collaboration reaffirms Ostrich Cyber-Risk's commitment to advancing the discipline of measuring and managing information risk in the cybersecurity landscape.

As an Institute Sponsor, Ostrich Cyber-Risk will continue to contribute to the FAIR community by holding a seat on the Advisory Board, collaborating on thought leadership materials and webinars, participating in Institute events, and serving as a premier sponsor of the annual FAIR conference, FAIRCON24, scheduled for October. Additionally, the partnership includes support for multiple local chapter meetings throughout the year.

"We're excited to further our partnership with the FAIR Institute," said Bret Laughlin, CEO and Co-Founder of Ostrich Cyber-Risk. "The FAIR standard remains integral to our Birdseye™ SaaS solution, underpinning our commitment to advancing cyber risk management practices. By reaffirming our support as an Institute Sponsor, we continue to strengthen our collaboration with the FAIR Institute, driving innovation and excellence in this space."

FAIR™, recognized as the international standard for cyber and operational risk analysis and quantification, aligns perfectly with Ostrich Cyber-Risk's mission to empower organizations in making informed decisions about their cybersecurity investments. With FAIR™, businesses can apply traditional financial analytics to cybersecurity, enabling them to prioritize risks, assess control effectiveness, and allocate resources for maximum impact.

"We're thrilled to have Ostrich Cyber-Risk remain as a Sponsor of the FAIR Institute," added Jack Jones, Chairman Emeritus of the FAIR Institute. "We look forward to collaborating with the Ostrich Cyber-Risk team to advance the adoption of the FAIR™ model and help our members build quantitative risk management programs."

About the FAIR Institute:

The FAIR Institute is a research-driven not-for-profit organization dedicated to advancing the discipline of cyber and operational risk management through education, standards and collaboration. The Institute is made up of forward-thinking risk officers, cybersecurity leaders and business executives that operates with a central mission: “Establish and promote risk management best practices that empower security and risk professionals to collaborate with their business partners on achieving the right balance between protecting the organization and running the business.” Factor Analysis of Information Risk (FAIR™) is the framework and the driver behind our mission. Learn more and become a member today: www.fairinstitute.org.

About Ostrich Cyber-Risk:

A recognized leader in cyber-risk management, Ostrich empowers risk and security teams to proactively assess cyber risk exposure in financial terms. Our Birdseye™ Cyber Risk Management application, grounded in industry benchmarks like NIST CSF, ISO, MITRE, and CRI, is a risk-based cybersecurity program management application that helps users determine their biggest cyber risks and which controls most efficiently reduce those risks through qualitative risk analysis and quantitative scenario simulation through the Open FAIR™ ontology. This unique approach enables organizations to swiftly prioritize and quantify financial and operational risks in real-time to make informed business decisions on cybersecurity. Learn more at www.ostrichcyber-risk.com.

SALT LAKE CITY, — Ostrich Cyber-Risk (Ostrich), a pioneer and prestigious provider of cyber-risk management solutions, is excited to announce a partnership with C-Risk, a leading service provider of cyber risk management in Europe.

Tom Callaghan, Co-Founder of C-Risk, commented, "C-Risk has built a portfolio of services which help our clients to unlock the value of quantitative risk management. We are thrilled to announce our professional services partnership with Ostrich Cyber Risk. The Ostrich platform provides both an innovative control framework assessment solution and a fully Open FAIR™ compliant CRQ tool to model risk in financial terms. We look forward to working with our joint clients to leverage these capabilities to accelerate business value from the application of quantitative risk management."

Greg Spicer, Co-Founder and CRO of Ostrich Cyber-Risk, expressed enthusiasm for the partnership, stating, “We are excited to partner with C-Risk. Their reputation and consultative expertise in cyber risk is a perfect pairing with our Birdseye™ CRQ application. We look forward to jointly delivering solutions to the cybersecurity community to effectively address cyber risk in quantifiable terms.”

Ostrich Cyber-Risk and C-Risk anticipate a collaborative journey that will empower organizations to navigate the complex landscape of cyber risks with confidence, signifying a shared commitment to advancing cybersecurity standards and providing organizations with robust tools to quantify materiality, make informed decisions, and safeguard against evolving cyber threats.

About Ostrich Cyber-Risk

A recognized leader in cyber-risk management, Ostrich empowers risk and security teams to proactively assess cyber risk exposure in financial terms. Our Birdseye™ Cyber Risk Management application, grounded in industry benchmarks like NIST CSF, ISO, MITRE, and CRI, combines qualitative risk analysis and quantitative scenario simulation through the Open FAIR™ ontology. This unique approach enables organizations to swiftly prioritize and quantify financial and operational risks in real-time to make informed business decisions on cybersecurity. Learn more here.

About C-Risk

C-Risk is a recognized expert in risk management and Cyber Risk Quantification using the FAIR™ methodology. This deep expertise in information and technology risk extends across multiple sectors, making C-Risk a trusted partner for organizations worldwide. Since launching in 2016, C-Risk has helped clients understand the information risks specific to their business, target their security investments more effectively, and protect their critical digital assets. C-Risk also provides CRQ training, equipping risk professionals and decision-makers with effective methods to analyze and communicate cyber risk in financial terms. Driven by their commitment to growth and innovation, C-Risk is broadening its geographic presence and ramping up its research and development efforts to improve existing use cases and develop new ways to use CRQ. This strategic expansion will build up their internal capabilities while providing customers unparalleled value in cyber risk management. Visit C-Risk.com and follow at @C-Risk.

SALT LAKE CITY, — Ostrich Cyber-Risk, a leading vendor in cyber-risk management offering both qualitative and quantitative solutions, today announced it has joined the Cyber Risk Institute (CRI), a globally recognized not-for-profit coalition of financial institutions and trade associations that strives to sharpen cybersecurity to protect the global economy, as an Innovator Sponsor. By working together, Ostrich Cyber-Risk and CRI will help financial institutions measure their security program capabilities to achieve greater cyber readiness and enhance cybersecurity and resiliency through standardization.  

The CRI Cyber Profile assessment helps financial institutions measure their security program capabilities by expanding the NIST Cyber Security Framework (CSF) to address the focus of regulators on important governance and third-party issues. The Cyber Profile is recognized as a global standard for cyber risk assessment, offers more coverage than the NIST CSF and can be tailored to financial institutions of various sizes with different risk environments and tolerances. 

“We are a huge supporter of CRI’s mission to improve financial institution’s organizational resiliency to cyber threats. Our implementation of the Cyber Profile makes it very easy for organizations of all sizes to perform assessments and measure their risk more accurately. We hope other vendors in the cyber risk community adopt the Cyber Profile and follow us in sponsoring CRI’s mission of improving cybersecurity to improve the global economy,” said Bret Laughlin, CEO and Co-Founder, Ostrich Cyber-Risk.  

Implementing CRI’s Cyber Profile into Ostrich Cyber Risk’s intuitive SaaS workflow with built-in subject matter expert collaboration and program management, will enable financial institutions of all sizes to take the assessment at the tier best representing their operations size to measure security program controls that matter most to them.  

Additionally, CRI’s Cyber Profile combined with Ostrich-Cyber Risk’s Quantify solution produces results that can be used to drive risk scenario scope and data inputs to quantify loss exposure forecasts in financial terms for different risk types. In turn, these outcomes help drive proactive decision support based on an organization’s governance about appropriate handling to mitigate material risks. 

"CRI is honored to have Ostrich Cyber-Risk join our expanding network of Innovators. The Profile is offered for free as a compliance assessment framework for financial institutions. The leadership that Ostrich Cyber-Risk and others are showing by joining CRI helps us ensure that it is responsibly licensed for commercial use. This is key for the continued health of the entire ecosystem. In taking this step, Ostrich Cyber-Risk has joined the ranks of leading organizations working together to better secure the financial sector, and we welcome them to this effort,” said Josh Magri, CRI’s President and Founder. 

About Ostrich Cyber-Risk 

Ostrich Cyber-Risk helps organizations reduce the complexity of identifying, quantifying and communicating cyber and operational risks related to your cybersecurity posture with its Birdseye™ SaaS solution. Benchmarked against NIST CSF with references to best standards, Birdseye™ is a unified qualitative and quantitative cyber risk management application that offers an intuitive assessment workflow to track your organization’s risk over time, all in one place. The Birdseye™ proprietary features include continuous progress tracking, real world data insights from Advisen for peer comparison, its CRQ Simulator that simulates unlimited risk scenarios to enable risk-reduction ROI calculations, and shareable reports. Learn more at https://www.ostrichcyber-risk.com/. 

About Cyber Risk Institute 

The Cyber Risk Institute (CRI) is a not-for-profit coalition of financial institutions and trade associations. We’re working to protect the global economy by enhancing cybersecurity and resiliency through standardization.  

Our Cyber Profile tool is the benchmark for cyber security and resiliency in the financial services industry. This ever-evolving and concise list of assessment questions is curated based on the intersection of global regulations and cyber standards, such as ISO and NIST. Learn more at https://cyberriskinstitute.org/about/.